Computing system with protocol protection mechanism and method of operation thereof

ABSTRACT

A computing system includes: a control unit configured to: determine a protocol profile including a first protocol and a second protocol for communicating between a first device and a second device, generate a unified-protocol privacy mechanism for a privacy protection scenario, the unified-protocol privacy mechanism based on combining the first protocol and the second protocol; and a communication unit, coupled to the control unit, configured to communicate content information according to the unified-protocol privacy mechanism between the first device and the second device.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application claims the benefit of U.S. Provisional PatentApplication Ser. No. 61/767,381 filed Feb. 21, 2013, and the subjectmatter thereof is incorporated herein by reference thereto.

TECHNICAL FIELD

An embodiment of the present invention relates generally to a computingsystem, and more particularly to a system with a protocol protectionmechanism.

BACKGROUND

Modern consumer and industrial electronics, especially devices such ascomputing systems, cellular phones, portable digital assistants, andcombination devices are providing increasing levels of functionality tosupport modern life including online social networks. Research anddevelopment in the existing technologies can take numerous differentdirections.

As users become more empowered with the growth in computing, varioususes begin to take advantage of this new device space. One suchadvancement has been protecting sensitive or private information.However, the rapid growth in consumer electronics and the increase inunauthorized access and usage of personal data have presented newchallenges for the users.

Thus, a need still remains for a computing system with protocolprotection mechanism. In view of the ever-increasing commercialcompetitive pressures, along with growing consumer expectations and thediminishing opportunities for meaningful product differentiation in themarketplace, it is increasingly critical that answers be found to theseproblems. Additionally, the need to reduce costs, improve efficienciesand performance, and meet competitive pressures adds an even greaterurgency to the critical necessity for finding answers to these problems.

Solutions to these problems have been long sought but prior developmentshave not taught or suggested any solutions and, thus, solutions to theseproblems have long eluded those skilled in the art.

SUMMARY

An embodiment of the present invention provides a computing system,including: a control unit configured to: determine a protocol profileincluding a first protocol and a second protocol for communicatingbetween a first device and a second device, generate a unified-protocolprivacy mechanism for a privacy protection scenario, theunified-protocol privacy mechanism based on combining the first protocoland the second protocol; and a communication unit, coupled to thecontrol unit, configured to communicate content information according tothe unified-protocol privacy mechanism between the first device and thesecond device.

An embodiment of the present invention provides a method of operation ofa computing system including: determining a protocol profile including afirst protocol and a second protocol for communicating between a firstdevice and a second device; generating a unified-protocol privacymechanism with a control unit for a privacy protection scenario, theunified-protocol privacy mechanism based on combining the first protocoland the second protocol; and communicating content information accordingto the unified-protocol privacy mechanism between the first device andthe second device.

An embodiment of the present invention provides a non-transitorycomputer readable medium including instructions for operating acomputing system including: determining a protocol profile including afirst protocol and a second protocol for communicating between a firstdevice and a second device; generating a unified-protocol privacymechanism for a privacy protection scenario, the unified-protocolprivacy mechanism based on combining the first protocol and the secondprotocol; and communicating content information according to theunified-protocol privacy mechanism between the first device and thesecond device.

Certain embodiments of the invention have other steps or elements inaddition to or in place of those mentioned above. The steps or elementswill become apparent to those skilled in the art from a reading of thefollowing detailed description when taken with reference to theaccompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a computing system with protocol protection mechanism in anembodiment of the present invention.

FIG. 2 is an example display of the first device.

FIG. 3 is an example block diagram of the computing system.

FIG. 4 is a further example block diagram of the computing system.

FIG. 5 is a control flow of the computing system.

FIG. 6 is a detailed example of the private sharing mechanism.

FIG. 7 is a detailed example of the vector testing mechanism.

FIG. 8 is a detailed example of a private-set intersection protocol.

FIG. 9 is a detailed example of the unified-protocol privacy mechanismof FIG. 2.

FIG. 10 is a further detailed example of the unified-protocol privacymechanism of FIG. 2.

DETAILED DESCRIPTION

The following embodiments of the present invention can be used toprotect user information, including information associated with a socialnetwork service. Content information for or utilizing the social networkservice can be protected according to a privacy protection scenario andindependent of a content encryption mechanism by unifying instances ofexchange protocol used in communicating the content information.

A protocol profile can be determined for the instances of the exchangeprotocol, such as for a first protocol and a second protocol. Aunified-protocol privacy mechanism can be generated based on theprotocol profile for unifying the instances of the exchange protocol.The unified-protocol privacy mechanism can be generated by combining theinstances of the exchange protocol, such as by combining the firstprotocol and the second protocol.

The unified-protocol privacy mechanism can utilize a placeholdercontent, a placeholder node, or a combination thereof for unifying theinstances of the exchange protocol. A cache-communication profile can befurther generated and utilized to protect the user sharing patterns.

The unified-protocol privacy mechanism combining multiple instances ofthe exchange protocol for the privacy protection scenario providesincreased protection for the content information from access by anunintended observer. The unified-protocol privacy mechanism utilizingthe placeholder content, the placeholder node, or a combination thereofprovides increased security and robustness. The cache-communicationprofile utilizing the placeholder content for the privacy protectionscenario provides increased protection.

The following embodiments are described in sufficient detail to enablethose skilled in the art to make and use the invention. It is to beunderstood that other embodiments would be evident based on the presentdisclosure, and that system, process, or mechanical changes may be madewithout departing from the scope of an embodiment of the presentinvention.

In the following description, numerous specific details are given toprovide a thorough understanding of the invention. However, it will beapparent that the invention may be practiced without these specificdetails. In order to avoid obscuring an embodiment of the presentinvention, some well-known circuits, system configurations, and processsteps are not disclosed in detail.

The drawings showing embodiments of the system are semi-diagrammatic,and not to scale and, particularly, some of the dimensions are for theclarity of presentation and are shown exaggerated in the drawingfigures. Similarly, although the views in the drawings for ease ofdescription generally show similar orientations, this depiction in thefigures is arbitrary for the most part. Generally, the invention can beoperated in any orientation. The embodiments have been numbered firstembodiment, second embodiment, etc. as a matter of descriptiveconvenience and are not intended to have any other significance orprovide limitations for an embodiment of the present invention.

The term “module” referred to herein can include or be implemented assoftware, hardware, or a combination thereof in the present invention inaccordance with the context in which the term is used. For example, thesoftware can be machine code, firmware, embedded code, and applicationsoftware. The software can also include a function, a call to afunction, a code block, or a combination thereof. Also for example, thehardware can be gates, circuitry, processor, computer, integratedcircuit, integrated circuit cores, a pressure sensor, an inertialsensor, a microelectromechanical system (MEMS), passive devices,physical non-transitory memory medium having instructions for performingthe software function, a portion therein, or a combination thereof.

The term “processing” as used herein includes filtering signals,decoding symbols, assembling data structures, transferring datastructures, manipulating data structures, and reading and writing datastructures. Data structures are defined to be information arranged assymbols, packets, blocks, files, input data, system generated data, suchas calculated or generated data, and program data.

Referring now to FIG. 1, therein is shown a computing system 100 withprotocol protection mechanism in an embodiment of the present invention.The computing system 100 includes a first device 102, such as a mobiledevice including a cellular phone or a notebook computer, connected to anetwork 104.

The first device 102 can be a client or a server. For example, the firstdevice 102 can be of any of a variety of devices, such as a smartphone,a cellular phone, personal digital assistant, a tablet computer, anotebook computer, or other multi-functional display or entertainmentdevice. The first device 102 can couple, either directly or indirectly,to the network 104 for exchanging information with other devices.

The network 104 is a system of wired or wireless communication devicesthat are connected to each other for enabling communication betweendevices. For example, the network 104 can include a combination ofwires, transmitters, receivers, antennas, towers, stations, repeaters,telephone network, servers, or client devices for a wireless cellularnetwork. The network 104 can also include a combination of routers,cables, computers, servers, and client devices for various sized areanetworks.

The network 104 can span and represent a variety of network types andnetwork topologies. For example, the network 104 can include wirelesscommunication, wired communication, optical, ultrasonic, or thecombination thereof. Satellite communication, cellular communication,Bluetooth, Infrared Data Association standard (IrDA), wireless fidelity(WiFi), and worldwide interoperability for microwave access (WiMAX) areexamples of wireless communication that can be included in the network104. Ethernet, digital subscriber line (DSL), fiber to the home (FTTH),and plain old telephone service (POTS) are examples of wiredcommunication that can be included in the network 104. Further, thenetwork 104 can traverse a number of network topologies and distances.For example, the network 104 can include direct connection, personalarea network (PAN), local area network (LAN), metropolitan area network(MAN), wide area network (WAN), or a combination thereof.

Device users (not shown) can communicate with each other or access orcreate information using devices including text, images, symbols,location information, and audio, as examples. The users can beindividuals or enterprise companies. The information can be createddirectly from a user or operations performed on these information tocreate more or different information.

The computing system 100 can include a second device 106 for directly orindirectly linking and communicating with the first device 102. Thesecond device 106 can link or communicate with the first device 102through the network 104. The second device 106 can receive wirelesssignals from the first device 102, transmit signals to the first device102, process signals, or a combination thereof. The second device 106can also relay signals between other base stations, components withinthe network 104, or a combination thereof.

The second device 106 can be any of a variety of centralized ordecentralized computing devices. For example, the second device 106 canbe a multimedia computer, a laptop computer, a desktop computer, a videogame console, grid-computing resources, a virtualized computer resource,cloud computing resource, routers, switches, peer-to-peer distributedcomputing devices, a media playback device, a recording device, such asa camera or video camera, or a combination thereof. In another example,the second device 106 can be a server at a service provider or acomputing device at a transmission facility.

The computing system 100 can include a third device 108 for directly orindirectly linking and communicating with the first device 102, thesecond device 106, or a combination thereof. The third device 108 canlink or communicate with the first device 102 directly or through thenetwork 104. The third device 108 can similarly link or communicate withthe second device 106.

For illustrative purposes, the computing system 100 is described withthe first device 102 and the third device 108 as consumer devices orportable devices, and with the second device 106 as a stationary or anenterprise device. However, it is understood that the first device 102,the third device 108, and the second device 106 can be any variety ofdevices. For example, the first device 102, the third device 108, or acombination thereof can be a stationary device or an enterprise system,such as a television or a server. Also for example, the second device106 can be a consumer device or a portable device, such as a smart phoneor a wearable device.

The first device 102, the second device 106, the third device 108, or acombination thereof can connect to and communicate with other devices,such as other mobile devices, servers, computers, telephones, or acombination thereof. For example, the first device 102, the seconddevice 106, the third device 108, or a combination thereof cancommunicate with other devices by transmitting signals, receivingsignals, processing signals, or a combination thereof and displaying acontent of the signals, audibly recreating sounds according to thecontent of the signals, processing according to the content, such asstoring an application or updating an operating system, or a combinationthereof.

For illustrative purposes, the computing system 100 is described withthe first device 102 as a portable multi-functional device, although itis understood that the first device 102 can be different types ofdevices. For example, the first device 102 can also be a workstation ora multimedia presentation, such as be a presentation including sound, asequence of streaming images or a video feed, text or a combinationthereof.

For further illustrative purposes, the computing system 100 is describedwith the second device 106 as a computing device and as a server,although it is understood that the second device 106 can be differenttypes of devices as described above. Also for illustrative purposes, thecomputing system 100 is shown with the second device 106, the firstdevice 102, and the third device 108 as end points of the network 104,although it is understood that the computing system 100 can have adifferent partition between the first device 102, the second device 106,the third device 108, and the network 104. For example, the first device102, the second device 106, the third device 108, or a combinationthereof can also function as part of the network 104.

Referring now to FIG. 2, therein is shown an example display of thefirst device 102. The first device 102 can show a social network service202. The social network service 202 is a facility or a provider forfacilitating or providing a social structure or a set of connectionsbetween a set of social actors or users. The social network service 202can include a set of dyadic ties between the social actors or the users.For example, the social network service 202 can include Facebook™,Twitter™, LinkedIn™, Pinterest™, Snapchat™, Tumblr™, Line™, WhatsApp™,Foursquare™, or other similar services.

The social network service 202 can include individual accounts 204 eachrepresenting information corresponding to a user, a group, anorganization, an entity, or a combination thereof. The individualaccounts 204 can include a profile, a connection list, a webpage, amessage authored by the user or other users, schedules or dates, or acombination thereof for the user associated with the individual accounts204.

Each of the individual accounts 204 can include one or more instances ofa feature 206. The feature 206 is a unit of information. The feature 206can include a letter, a number, a pointer or a link, an address, visualdata, audible data, an instruction, or a combination thereof. Thefeature 206 can include a unit of information corresponding to a knownor a commonly accepted category, a logical or an abstract meaning orsignificance, or a combination thereof. For example, the feature 206 caninclude an account identification, an account connection 208, or acombination thereof.

The account identification can include a letter, a number, a symbol, ora combination thereof representing the user, the group, theorganization, the entity, or a combination thereof owning, controlling,or a combination thereof for the individual accounts 204. The accountidentification can include a name, a sign, an image, a screen name, anaddress, or a combination thereof.

The account connection 208 is a representation of a separate person or aseparate entity, different from and associated with the person or theentity represented by corresponding instance of the individual accounts204. The account connection 208 can represent a relationship betweeninstances of the individual accounts 204. The account connection 208 canrepresent the structural information of the social network service 202.

For example, the account connection 208 can include data, the accountidentification, a link to, a description, or a combination associatedwith one or more instances of the individual accounts 204 belonging to afriend, a colleague, an acquaintance, or a combination thereof. Also forexample, the account connection 208 can include data, a description, ora combination describing a friend, a colleague, an acquaintance, or acombination thereof.

The computing system 100 can enable exchange of data between varioususers. The computing system 100 can include the social network service202 enabling communication between the individual accounts 204. Forexample, the social network service 202 can include a source account 210and a receiver account 212.

The source account 210 is an instance of the individual accounts 204transmitting information. The receiver account 212 is an instance of theindividual accounts 204 receiving the information sent from the sourceaccount 210. The receiver account 212 can be an intended user of thecommunicated information.

An unintended observer 214 can exist relative to the source account 210and the receiver account 212. The unintended observer 214 is a person, agroup, or an entity apart from users of the source account 210 and thereceiver account 212.

The unintended observer 214 can include the person, the group, or theentity accessing or attempting to access the feature 206, thecommunicated information, or a combination thereof from the sourceaccount 210, the receiver account 212, there-between, or a combinationthereof without permission from the source account 210, the receiveraccount 212, or a combination thereof. For example, the unintendedobserver 214 can include the social network service 202, a server, aservice provider, a hacker, an unintended recipient, or a combinationthereof not intended as the final recipient of the information.

The computing system 100 can communicate content information 216 betweenthe first device 102, the second device 106 of FIG. 1, the third device108 of FIG. 1, or a combination thereof. The content information 216 isdata communicated between the first device 102, the second device 106,the third device 108, or a combination thereof. The content information216 can be the data communicated between the source account 210 and thereceiver account 212.

The content information 216 can include a relevant location 218, amessage 220, a privacy rating 222, or a combination thereof. Therelevant location 218 is a geographic location or area associated withthe person or the entity associated with the content information 216.The relevant location 218 can include the geographic location of theassociated device, such as the first device 102, the second device 106,the third device 108, or a combination thereof, the user, or acombination thereof.

For example, the relevant location 218 can include a current location ofthe first device 102, the second device 106, the third device 108, thesource account 210, the receiver account 212, or a combination thereofat the time of transmitting or receiving the content information 216.Also for example, the relevant location 218 can include a currentlocation, a residential or a professional location, or a combinationthereof of the user associated with the first device 102, the seconddevice 106, the third device 108, the source account 210, the receiveraccount 212, or a combination thereof.

The message 220 can be a letter, a number, a symbol, an image, a sound,or a combination thereof for communicating data to the user of thereceiver account 212. For example, the message 220 can include a note, atext message, an email, a picture, a sound file, a derivation thereof ora combination thereof.

The privacy rating 222 is a description of a limitation in accessing thecontent information 216. The privacy rating 222 can include settingslimiting the access to only the receiver account 212, a device or theuser associated therewith, or a combination thereof. The privacy rating222 can further include a public setting accessible to anyone or withouta specific requirement, a selective setting accessible based on meetingthe specific requirement, or a combination thereof.

For example, the user of the source account 210 can utilize the firstdevice 102 to communicate the content information 216. As a morespecific example, the user can use the first device 102 to transmit therelevant location 218 representing a current location of the user.

Continuing with the example, the first device 102 can transmit thecontent information 216 to the receiver account 212 through the seconddevice 106, such as a server, a router, the social network service 202,or a combination thereof. The second device 106 can receive the contentinformation 216 from the first device 102 and transmit the contentinformation 216 to receiver account 212, the third device 108, or acombination thereof associated with a further user. The further user canaccess the content information 216, the receiver account 212, or acombination thereof utilizing the third device 108.

The user can communicate the content information 216 at a contentorigination time 224. The content origination time 224 is arepresentation of time when the user sends or transmits the contentinformation 216. The content origination time 224 can be the time whenthe user saves the content information 216, initiates or enables thecommunication function, or a combination thereof.

The content information 216 can be further communicated at a contentshare time 226. The content share time 226 is a representation of timewhen the content information 216 is sent to the receiver account 212.The content share time 226 can be same as or different from the contentorigination time 224. The computing system 100 can send the contentinformation 216 to the receiver account 212, the further user or anydevice associated therewith, or a combination thereof after a designateddelay.

Continuing with the example, the computing system 100 can receive orstore the content information 216 from the user through the sourceaccount 210 using the first device 102 at the content origination time224. The computing system 100 can store or hold the content information216 at the first device 102, transmit to and store the contentinformation 216 at the second device 106, such as the server or thesocial network service 202, or a combination thereof. The computingsystem 100 can transmit the content information 216 to the receiveraccount 212, the third device 108 or the further user associatedtherewith, or a combination thereof immediately or after the designateddelay according to the content share time 226.

The computing system 100 can utilize various processes and mechanismsfor a privacy protection scenario 228. The privacy protection scenario228 is a goal, a result, a requirement for protecting user'sinformation. The computing system 100 can protect information regardingthe user from being accessed by the unintended observer 214.

The privacy protection scenario 228 can be different from an efficiencyscenario and increase a processing time, a processing burden, a requiredstorage space, a required bandwidth, or a combination thereof. Theprivacy protection scenario 228 can utilize a hardware device, anoperating system, an application, a derivation thereof, a portiontherein, or a combination thereof.

The privacy protection scenario 228 can include obscuring, adding,reordering, deleting, or a combination thereof for the contentinformation 216. The privacy protection scenario 228 can utilizepredetermined or recognizable formats, codes, or a combination thereoffor only the receiver account 212. The privacy protection scenario 228can prevent or aim to prevent the unintended observer 214 not having thepredetermined or recognizable formats, the codes, or a combinationthereof from accessing the content information 216.

For example, the computing system 100 can limit or restrict theunintended observer 214, a device, a different user, or a combinationthereof from accessing the content information 216 inconsistent with theprivacy rating 222. Also for example, the unintended observer 214 canuse the content share time 226 to determine a content share pattern 230.

The content share pattern 230 can include data or information regardingthe user of the source account 210 or the further user of the receiveraccount 212. For example, the content share pattern 230 can include atime, a method, a condition associated therewith, or a combinationthereof the user or the further user communicating information,utilizing the social network service 202, associated devices, or acombination thereof.

The computing system 100 can use a content encryption mechanism 232 toprotect the content information 216. The content encryption mechanism232 is a process of encoding information for limiting access thereto.The content encryption mechanism 232 can encode the content information216 for preventing access thereto by the unintended observer 214. Forexample, the content encryption mechanism 232 can include symmetric keyencryption or the public key encryption. Also for example, the contentencryption mechanism 232 can include or utilize an encryption key 234.

The encryption key 234 is information or parameter for processinginformation for encryption, decryption, or a combination thereof. Theencryption key 234 can be the information or the parameter fortransforming the content information 216 into an encrypted result,transforming the encrypted result back to the content information 216,or a combination thereof. The source account 210, the receiver account212, the device associated therewith, or a combination thereof caninclude the encryption key 234. The computing system 100 can exclude theencryption key 234 from the unintended observer 214 for the privacyprotection scenario 228.

The computing system 100 can use an exchange protocol 236 to communicatethe content information 216. The exchange protocol 236 is a system ofrules for exchanging or communicating data between devices. The exchangeprotocol 236 can be for communicating between the first device 102, thesecond device 106, the third device 108, or a combination thereof. Theexchange protocol 236 can include a sequence of steps or data, aspecific order or format within communicated data, a time associatedwith exchange of information, a limitation on possible data, anerror-detection or an error-correction information, or a combinationthereof.

The unintended observer 214 can further infer information regarding theuser or the content information 216 based on the exchange protocol 236.For example, the social network service 202 can utilize differentinstances of the exchange protocol 236 for sharing different types ofthe content information 216, different levels of granularity, based ondifferent circumstances, or a combination thereof.

As a more specific example, the social network service 202 can use oneinstance of the exchange protocol 236 for sharing the relevant location218 at a larger granularity, such as at a city or a town level. Thesocial network service 202 can use a different instance of the exchangeprotocol for sharing the relevant location 218 at a smaller granularity,such as using exact coordinates or block level.

Continuing with the example, the unintended observer 214 can determineor infer data regarding the content information 216 based on theexchange protocol 236 used to communicate the content information 216.As a more specific example, the unintended observer 214 can determinethe granularity, circumstances, types, or a combination thereofregarding the relevant location 218 based on a timing, a sequence, aquantity, or a combination thereof for exchanges between devices. Theunintended observer 214 can determine the exchange protocol 236 based onthe timing, the sequence, the quantity, or a combination thereof forexchanges and infer data regarding the content information 216 includingthe relevant location 218.

The computing system 100 can use a protocol key 238, a protocol profile240, or a combination thereof to protect user's information. Theprotocol key 238 is information or parameter for processing informationfor processing the exchange protocol 236. The protocol key 238 can besimilar to the encryption key 234 but for processing the exchangeprotocol 236 instead of the content encryption mechanism 232.

The protocol key 238 can include a password, the encryption key 234 foraccessing or utilizing a predetermined set of commands, sequences,timing, or a combination thereof. The protocol key 238 can include avalue, a format or an order of information, or a combination thereof.

The protocol profile 240 is a description regarding the exchangeprotocol 236 according to a profile boundary 242. The profile boundary242 is a limitation or a range for the protocol profile 240. The profileboundary 242 can include a single instance of software or application,an operating system, a device, or a combination thereof. The protocolprofile 240 can include instances of the exchange protocol 236 possiblefor use within the profile boundary 242, details therein, or acombination thereof.

For example, the protocol profile 240 can include a first protocol 244,a second protocol 246, or a combination thereof. The first protocol 244can be an instance of the exchange protocol 236, and the second protocol246 can be an instance of the exchange protocol 236 different from thefirst protocol 244. As a more specific example, the protocol profile 240can include a private sharing mechanism 248 as the first protocol 244,the vector testing mechanism 250 for the second protocol 246, or acombination thereof.

The private sharing mechanism 248 is a protocol for exchanging therelevant location 218 using the content encryption mechanism 232. Theprivate sharing mechanism 248 can only use the content encryptionmechanism 232 for preventing access by the unintended observer 214.Details regarding the private sharing mechanism 248 will be describedbelow.

The vector testing mechanism 250 is a protocol for exchanging therelevant location 218 using a proximity test with a Private EqualityTesting (PET). The vector testing mechanism 250 can be a differentprotocol from the private sharing mechanism 248. The vector testingmechanism 250 can be more complex than the private sharing mechanism248. For example, the vector testing mechanism 250 can include orrequire different or additional exchanges. Also for example, the vectortesting mechanism 250 can include or require additional, different, morecomplex, or a combination thereof for the information within one or moreof the exchanges. Details regarding the vector testing mechanism 250will be described below.

For illustrative purposes, the protocol profile 240 is described asincluding two instances of the exchange protocol 236. However, it isunderstood that the protocol profile 240 can include any number ofinstances of the exchange protocol 236 utilized or accessible within theprofile boundary 242, such as for a device or an application. Forexample, the protocol profile 240 can additionally include a Private SetIntersection (PSI) protocol as a third instance of the exchange protocol236.

The protocol profile 240 can include a protocol sequence 252, a protocolscenario 254, a field format 256, or a combination thereof. The protocolsequence 252 is an order for exchanging data, such as for communicatingparties or type of communicated information. The protocol sequence 252can describe the order for the instances of the exchange protocol 236included in the protocol profile 240, including the first protocol 244,the second protocol 246, or a combination thereof.

The protocol scenario 254 is one or more conditions or requirementscorresponding to instances of the exchange protocol within the protocolprofile 240. For example, the protocol scenario 254 can specify one ormore conditions for utilizing the instances of the exchange protocol 236included in the protocol profile 240, including the first protocol 244,the second protocol 246, or a combination thereof.

The field format 256 is an order or a requirement for a type of datawithin an exchanged data for each instance of the exchanges in theprotocol sequence 252. The field format 256 can include a meaning or apurpose for each unit of information described by the field format 256.For example, the field format 256 can describe a meaning, a purpose, anorder, or a combination thereof within one or more packets ofinformation in each instance of the exchanges.

The computing system 100 can further generate and use a unified-protocolprivacy mechanism 258 to protect the user's information. Theunified-protocol privacy mechanism 258 is an instance of the exchangeprotocol 236 for use independent of the protocol scenario 254. Theunified-protocol privacy mechanism 258 can be utilized for allsituations or conditions described in the protocol scenario 254 insteadof the specific instances of the exchange protocol 236 associatedtherewith.

The unified-protocol privacy mechanism 258 can be for the privacyprotection scenario 228. The unified-protocol privacy mechanism 258 canprevent the unintended observer 214 from obtaining data regarding thecontent information 216 through the exchange protocol 236.

The unified-protocol privacy mechanism 258 can be a combination of theinstances of the exchange protocol 236 described by the protocol profile240 including the first protocol 244, the second protocol 246, or acombination thereof. For example, the unified-protocol privacy mechanism258 can be a combined instance of the first protocol 244 and the secondprotocol 246, such as a combination of the private sharing mechanism 248and the vector testing mechanism 250.

The unified-protocol privacy mechanism 258 can include a unifiedsequence 260, a unified format 262, or a combination thereof. Theunified-protocol privacy mechanism 258 can be without a unified scenariosince the unified-protocol privacy mechanism 258 can replace differentinstances of the exchange protocol 236 for the profile boundary 242.

The unified sequence 260 is an order for exchanging data, such as forcommunicating parties or type of communicated information for theunified-protocol privacy mechanism 258. The unified sequence 260 caninclude the order combining or unifying the protocol sequence 252 forthe exchange protocol 236 included in the protocol profile 240. Forexample, the unified sequence 260 can combine the exchange protocol 236for the first protocol 244 and the second protocol 246, such as for theprivate sharing mechanism 248 and the vector testing mechanism 250.

The unified format 262 is an order or a requirement for a type of datawithin an exchanged data for each instance of the exchanges in theunified sequence 260. The unified format 262 can include the order orthe requirement combining or unifying the field format 256 for theexchange protocol 236 included in the protocol profile 240.

For example, the unified format 262 can combine the field format 256 forthe first protocol 244 and the second protocol 246, such as for theprivate sharing mechanism 248 and the vector testing mechanism 250. Alsofor example, the unified format 262 can describe a meaning, a purpose,an order, or a combination thereof within one or more packets ofinformation in each instance of the exchanges for the unified-protocolprivacy mechanism 258.

The computing system 100 can further utilize a placeholder content 264,a cache-communication profile 266, or a combination thereof to protectthe user's information. The placeholder content 264 is data unrelated tothe content information 216. The computing system 100 can generate theplaceholder content 264 for protecting the content information 216.

The placeholder content 264 can include random data or data independentof the content information 216. The placeholder content 264 can also bebased on the content information 216. The receiver account 212 canrecognize, ignore, discard, or a combination thereof for the placeholdercontent 264 based on the unified-protocol privacy mechanism 258, theprotocol key 238, or a combination thereof.

The cache-communication profile 266 is a description for a timing ofcommunicating the content information 216. The cache-communicationprofile 266 can include the delay from the content origination time 224to the content share time 226. The computing system 100 can use thecache-communication profile 266 to delay the communication to thecontent share time 226 instead of immediately communicating the contentinformation 216 at the content origination time 224.

The computing system 100 can use the cache-communication profile 266independent of an online status 268, such as based on the user accessingor utilizing the social network service 202 or the network 104 ofFIG. 1. The computing system 100 can use the cache-communication profile266 to create a difference between the content origination time 224 andthe content share time 226.

The computing system 100 can further determine a communication history270. The communication history 270 is a record of prior communicationfor the source account 210, the receiver account 212, or a combinationthereof. The communication history 270 can include an existence of aprior communication between specific instances of the individualaccounts 204, between devices, between users, or a combination thereof.The communication history 270 can further include a time, a content, asize, any detail or metadata, or a combination thereof regarding theprior communication.

Referring now to FIG. 3, therein is shown an exemplary block diagram ofthe computing system 100. The computing system 100 can include the firstdevice 102, the network 104, and the second device 106. The first device102 can send information in a first device transmission 308 over thenetwork 104 to the second device 106. The second device 106 can sendinformation in a second device transmission 310 over the network 104 tothe first device 102.

For illustrative purposes, the computing system 100 is shown with thefirst device 102 as a client device, although it is understood that thecomputing system 100 can have the first device 102 as a different typeof device. For example, the first device 102 can be a server having adisplay interface.

Also for illustrative purposes, the computing system 100 is shown withthe second device 106 as a server, although it is understood that thecomputing system 100 can have the second device 106 as a different typeof device. For example, the second device 106 can be a client device.

For brevity of description in this embodiment of the present invention,the first device 102 will be described as a client device and the seconddevice 106 will be described as a server device. The embodiment of thepresent invention is not limited to this selection for the type ofdevices. The selection is an example of an embodiment of the presentinvention.

The first device 102 can include a first control unit 312, a firststorage unit 314, a first communication unit 316, a first user interface318, and a first location unit 320. The first control unit 312 caninclude a first control interface 322. The first control unit 312 canexecute a first software 326 to provide the intelligence of thecomputing system 100.

The first control unit 312 can be implemented in a number of differentmanners. For example, the first control unit 312 can be a processor, anapplication specific integrated circuit (ASIC) an embedded processor, amicroprocessor, a hardware control logic, a hardware finite statemachine (FSM), a digital signal processor (DSP), or a combinationthereof. The first control interface 322 can be used for communicationbetween the first control unit 312 and other functional units in thefirst device 102. The first control interface 322 can also be used forcommunication that is external to the first device 102.

The first control interface 322 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the first device 102.

The first control interface 322 can be implemented in different ways andcan include different implementations depending on which functionalunits or external units are being interfaced with the first controlinterface 322. For example, the first control interface 322 can beimplemented with a pressure sensor, an inertial sensor, amicroelectromechanical system (MEMS), optical circuitry, waveguides,wireless circuitry, wireline circuitry, or a combination thereof.

The first storage unit 314 can store the first software 326. The firststorage unit 314 can also store the relevant information, such as datarepresenting incoming images, data representing previously presentedimage, sound files, or a combination thereof.

The first storage unit 314 can be a volatile memory, a nonvolatilememory, an internal memory, an external memory, or a combinationthereof. For example, the first storage unit 314 can be a nonvolatilestorage such as non-volatile random access memory (NVRAM), Flash memory,disk storage, or a volatile storage such as static random access memory(SRAM).

The first storage unit 314 can include a first storage interface 324.The first storage interface 324 can be used for communication betweenthe first storage unit 314 and other functional units in the firstdevice 102. The first storage interface 324 can also be used forcommunication that is external to the first device 102.

The first storage interface 324 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the first device 102.

The first storage interface 324 can include different implementationsdepending on which functional units or external units are beinginterfaced with the first storage unit 314. The first storage interface324 can be implemented with technologies and techniques similar to theimplementation of the first control interface 322.

The first communication unit 316 can enable external communication toand from the first device 102. For example, the first communication unit316 can permit the first device 102 to communicate with the seconddevice 106, a different device, an attachment, such as a peripheraldevice or a desktop computer, the network 104, or a combination thereof.

The first communication unit 316 can also function as a communicationhub allowing the first device 102 to function as part of the network 104and not limited to be an end point or terminal unit to the network 104.The first communication unit 316 can include active and passivecomponents, such as microelectronics or an antenna, for interaction withthe network 104.

The first communication unit 316 can include a baseband device orcomponent, a modem, a digital signal processor, or a combination thereoffor transmitting, formatting, receiving, detecting, decoding, furtherprocessing, or a combination thereof for communication signals. Thefirst communication unit 316 can include one or more portions forprocessing the voltages, the currents, the digital information, or acombination thereof, such as an analog-to-digital converter, adigital-to-analog converter, a filter, an amplifier, a processor-typecircuitry, or a combination thereof. The first communication unit 316can further include one or more portions for storing information, suchas cache or RAM memory, registers, or a combination thereof.

The first communication unit 316 can include a first communicationinterface 328. The first communication interface 328 can be used forcommunication between the first communication unit 316 and otherfunctional units in the first device 102. The first communicationinterface 328 can receive information from the other functional units orcan transmit information to the other functional units.

The first communication interface 328 can include differentimplementations depending on which functional units are being interfacedwith the first communication unit 316. The first communication interface328 can be implemented with technologies and techniques similar to theimplementation of the first control interface 322.

The first user interface 318 allows a user (not shown) to interface andinteract with the first device 102. The first user interface 318 caninclude an input device and an output device. Examples of the inputdevice of the first user interface 318 can include a keypad, a touchpad,soft-keys, a keyboard, a microphone, an infrared sensor for receivingremote signals, or any combination thereof to provide data andcommunication inputs.

The first user interface 318 can include a first display interface 330.The first display interface 330 can include an output device. The firstdisplay interface 330 can include a display, a projector, a videoscreen, a speaker, or any combination thereof.

The first control unit 312 can operate the first user interface 318 todisplay information generated by the computing system 100. The firstcontrol unit 312 can also execute the first software 326 for the otherfunctions of the computing system 100, including receiving locationinformation from the first location unit 320. The first control unit 312can further execute the first software 326 for interaction with thenetwork 104 via the first communication unit 316.

The first location unit 320 can generate location information, currentheading, current acceleration, and current speed of the first device102, as examples. The first location unit 320 can be implemented in manyways. For example, the first location unit 320 can function as at leasta part of the global positioning system, an inertial computing system, acellular-tower location system, a pressure location system, or anycombination thereof. Also, for example, the first location unit 320 canutilize components such as an accelerometer or GPS receiver.

The first location unit 320 can include a first location interface 332.The first location interface 332 can be used for communication betweenthe first location unit 320 and other functional units in the firstdevice 102. The first location interface 332 can also be used forcommunication external to the first device 102.

The first location interface 332 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the first device 102.

The first location interface 332 can include different implementationsdepending on which functional units or external units are beinginterfaced with the first location unit 320. The first locationinterface 332 can be implemented with technologies and techniquessimilar to the implementation of the first control unit 312.

The second device 106 can be optimized for implementing an embodiment ofthe present invention in a multiple device embodiment with the firstdevice 102. The second device 106 can provide the additional or higherperformance processing power compared to the first device 102. Thesecond device 106 can include a second control unit 334, a secondcommunication unit 336, a second user interface 338, and a secondstorage unit 346.

The second user interface 338 allows a user (not shown) to interface andinteract with the second device 106. The second user interface 338 caninclude an input device and an output device. Examples of the inputdevice of the second user interface 338 can include a keypad, atouchpad, soft-keys, a keyboard, a microphone, or any combinationthereof to provide data and communication inputs. Examples of the outputdevice of the second user interface 338 can include a second displayinterface 340. The second display interface 340 can include a display, aprojector, a video screen, a speaker, or any combination thereof.

The second control unit 334 can execute a second software 342 to providethe intelligence of the second device 106 of the computing system 100.The second software 342 can operate in conjunction with the firstsoftware 326. The second control unit 334 can provide additionalperformance compared to the first control unit 312.

The second control unit 334 can operate the second user interface 338 todisplay information. The second control unit 334 can also execute thesecond software 342 for the other functions of the computing system 100,including operating the second communication unit 336 to communicatewith the first device 102 over the network 104.

The second control unit 334 can be implemented in a number of differentmanners. For example, the second control unit 334 can be a processor, anembedded processor, a microprocessor, hardware control logic, a hardwarefinite state machine (FSM), a digital signal processor (DSP), or acombination thereof.

The second control unit 334 can include a second control interface 344.The second control interface 344 can be used for communication betweenthe second control unit 334 and other functional units in the seconddevice 106. The second control interface 344 can also be used forcommunication that is external to the second device 106.

The second control interface 344 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the second device 106.

The second control interface 344 can be implemented in different waysand can include different implementations depending on which functionalunits or external units are being interfaced with the second controlinterface 344. For example, the second control interface 344 can beimplemented with a pressure sensor, an inertial sensor, amicroelectromechanical system (MEMS), optical circuitry, waveguides,wireless circuitry, wireline circuitry, or a combination thereof.

A second storage unit 346 can store the second software 342. The secondstorage unit 346 can also store the information such as datarepresenting incoming images, data representing previously presentedimage, sound files, or a combination thereof. The second storage unit346 can be sized to provide the additional storage capacity tosupplement the first storage unit 314.

For illustrative purposes, the second storage unit 346 is shown as asingle element, although it is understood that the second storage unit346 can be a distribution of storage elements. Also for illustrativepurposes, the computing system 100 is shown with the second storage unit346 as a single hierarchy storage system, although it is understood thatthe computing system 100 can have the second storage unit 346 in adifferent configuration. For example, the second storage unit 346 can beformed with different storage technologies forming a memory hierarchalsystem including different levels of caching, main memory, rotatingmedia, or off-line storage.

The second storage unit 346 can be a volatile memory, a nonvolatilememory, an internal memory, an external memory, or a combinationthereof. For example, the second storage unit 346 can be a nonvolatilestorage such as non-volatile random access memory (NVRAM), Flash memory,disk storage, or a volatile storage such as static random access memory(SRAM).

The second storage unit 346 can include a second storage interface 348.The second storage interface 348 can be used for communication betweenthe second storage unit 346 and other functional units in the seconddevice 106. The second storage interface 348 can also be used forcommunication that is external to the second device 106.

The second storage interface 348 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the second device 106.

The second storage interface 348 can include different implementationsdepending on which functional units or external units are beinginterfaced with the second storage unit 346. The second storageinterface 348 can be implemented with technologies and techniquessimilar to the implementation of the second control interface 344.

The second communication unit 336 can enable external communication toand from the second device 106. For example, the second communicationunit 336 can permit the second device 106 to communicate with the firstdevice 102 over the network 104.

The second communication unit 336 can also function as a communicationhub allowing the second device 106 to function as part of the network104 and not limited to be an end point or terminal unit to the network104. The second communication unit 336 can include active and passivecomponents, such as microelectronics or resistors, for interaction withthe network 104.

The second communication unit 336 can include a baseband device orcomponent, a modem, a digital signal processor, or a combination thereoffor transmitting, formatting, receiving, detecting, decoding, furtherprocessing, or a combination thereof for communication signals. Thesecond communication unit 336 can include one or more portions forprocessing the voltages, the currents, the digital information, or acombination thereof, such as an analog-to-digital converter, adigital-to-analog converter, a filter, an amplifier, a processor-typecircuitry, or a combination thereof. The first communication unit 316can further include one or more portions for storing information, suchas cache or RAM memory, registers, or a combination thereof.

The second communication unit 336 can include a second communicationinterface 350. The second communication interface 350 can be used forcommunication between the second communication unit 336 and otherfunctional units in the second device 106. The second communicationinterface 350 can receive information from the other functional units orcan transmit information to the other functional units.

The second communication interface 350 can include differentimplementations depending on which functional units are being interfacedwith the second communication unit 336. The second communicationinterface 350 can be implemented with technologies and techniquessimilar to the implementation of the second control interface 344.

The first communication unit 316 can couple with the network 104 to sendinformation to the second device 106 in the first device transmission308. The second device 106 can receive information in the secondcommunication unit 336 from the first device transmission 308 of thenetwork 104.

The second communication unit 336 can couple with the network 104 tosend information to the first device 102 in the second devicetransmission 310. The first device 102 can receive information in thefirst communication unit 316 from the second device transmission 310 ofthe network 104. The computing system 100 can be executed by the firstcontrol unit 312, the second control unit 334, or a combination thereof.For illustrative purposes, the second device 106 is shown with thepartition having the second user interface 338, the second storage unit346, the second control unit 334, and the second communication unit 336,although it is understood that the second device 106 can have adifferent partition. For example, the second software 342 can bepartitioned differently such that some or all of its function can be inthe second control unit 334 and the second communication unit 336. Also,the second device 106 can include other functional units not shown inFIG. 3 for clarity.

The functional units in the first device 102 can work individually andindependently of the other functional units. The first device 102 canwork individually and independently from the second device 106 and thenetwork 104.

The functional units in the second device 106 can work individually andindependently of the other functional units. The second device 106 canwork individually and independently from the first device 102 and thenetwork 104.

The functional units described above can be implemented in hardware. Forexample, one or more of the functional units can be implemented usingthe a gate, circuitry, a processor, a computer, integrated circuit,integrated circuit cores, a pressure sensor, an inertial sensor, amicroelectromechanical system (MEMS), a passive device, a physicalnon-transitory memory medium having instructions for performing thesoftware function, a portion therein, or a combination thereof.

For illustrative purposes, the computing system 100 is described byoperation of the first device 102 and the second device 106. It isunderstood that the first device 102 and the second device 106 canoperate any of the modules and functions of the computing system 100.

Referring now to FIG. 4, therein is shown a further exemplary blockdiagram of the computing system 100. Along with the first device 102,and the second device 106 of FIG. 3, the computing system 100 caninclude the third device 108. The first device 102 can send informationin the first device transmission 308 over the network 104 to the thirddevice 108. The third device 108 can send information in a third devicetransmission 410 over the network 104 to the first device 102, thesecond device 106, or a combination thereof.

For illustrative purposes, the computing system 100 is shown with thethird device 108 as a client device, although it is understood that thecomputing system 100 can have the third device 108 as a different typeof device. For example, the third device 108 can be a server.

Also for illustrative purposes, the computing system 100 is shown withthe first device 102 communicating with the third device 108. However,it is understood that the second device 106, the fourth device 110, or acombination thereof can also communicate with the third device 108 in asimilar manner as the communication between the first device 102 and thesecond device 106.

For brevity of description in this embodiment of the present invention,the third device 108 will be described as a client device. Theembodiment of the present invention is not limited to this selection forthe type of devices. The selection is an example of an embodiment of thepresent invention.

The third device 108 can be optimized for implementing an embodiment ofthe present invention in a multiple device or multiple user embodimentswith the first device 102. The third device 108 can provide theadditional or specific functions compared to the first device 102, thesecond device 106, or a combination thereof. The third device 108 canfurther be a device owned or used by a separate user different from theuser of the first device 102.

The third device 108 can include a third control unit 412, a thirdstorage unit 414, a third communication unit 416, a third user interface418, and a third location unit 420. The third control unit 412 caninclude a third control interface 422. The third control unit 412 canexecute a third software 426 to provide the intelligence of thecomputing system 100.

The third control unit 412 can be implemented in a number of differentmanners. For example, the third control unit 412 can be a processor, anapplication specific integrated circuit (ASIC) an embedded processor, amicroprocessor, a hardware control logic, a hardware finite statemachine (FSM), a digital signal processor (DSP), or a combinationthereof. The third control interface 422 can be used for communicationbetween the third control unit 412 and other functional units in thethird device 108. The third control interface 422 can also be used forcommunication that is external to the third device 108.

The third control interface 422 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the third device 108.

The third control interface 422 can be implemented in different ways andcan include different implementations depending on which functionalunits or external units are being interfaced with the third controlinterface 422. For example, the third control interface 422 can beimplemented with a pressure sensor, an inertial sensor, amicroelectromechanical system (MEMS), optical circuitry, waveguides,wireless circuitry, wireline circuitry, or a combination thereof.

The third storage unit 414 can store the third software 426. The thirdstorage unit 414 can also store the relevant information, such as datarepresenting incoming images, data representing previously presentedimage, sound files, or a combination thereof.

The third storage unit 414 can be a volatile memory, a nonvolatilememory, an internal memory, an external memory, or a combinationthereof. For example, the third storage unit 414 can be a nonvolatilestorage such as non-volatile random access memory (NVRAM), Flash memory,disk storage, or a volatile storage such as static random access memory(SRAM). Also for example, the third storage unit 414 can be distributionof storage elements, multiple hierarchy storage system includingdifferent levels of caching, main memory, rotating media, or off-linestorage, or a combination thereof.

The third storage unit 414 can include a third storage interface 424.The third storage interface 424 can be used for communication betweenthe third storage unit 414 and other functional units in the thirddevice 108. The third storage interface 424 can also be used forcommunication that is external to the third device 108.

The third storage interface 424 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the third device 108.

The third storage interface 424 can include different implementationsdepending on which functional units or external units are beinginterfaced with the third storage unit 414. The third storage interface424 can be implemented with technologies and techniques similar to theimplementation of the third control interface 422.

The third communication unit 416 can enable external communication toand from the third device 108. For example, the third communication unit416 can permit the third device 108 to communicate with the seconddevice 106, the first device 102, the fourth device 110, a differentdevice, an attachment, such as a peripheral device or a desktopcomputer, the network 104, or a combination thereof.

The third communication unit 416 can also function as a communicationhub allowing the third device 108 to function as part of the network 104and not limited to be an end point or terminal unit to the network 104.The third communication unit 416 can include active and passivecomponents, such as microelectronics or an antenna, for interaction withthe network 104.

The third communication unit 416 can include a baseband device orcomponent, a modem, a digital signal processor, or a combination thereoffor transmitting, formatting, receiving, detecting, decoding, furtherprocessing, or a combination thereof for communication signals. Thethird communication unit 416 can include one or more portions forprocessing the voltages, the currents, the digital information, or acombination thereof, such as an analog-to-digital converter, adigital-to-analog converter, a filter, an amplifier, a processor-typecircuitry, or a combination thereof. The third communication unit 416can further include one or more portions for storing information, suchas cache or RAM memory, registers, or a combination thereof.

The third communication unit 416 can include a third communicationinterface 428. The third communication interface 428 can be used forcommunication between the third communication unit 416 and otherfunctional units in the third device 108. The third communicationinterface 428 can receive information from the other functional units orcan transmit information to the other functional units.

The third communication interface 428 can include differentimplementations depending on which functional units are being interfacedwith the third communication unit 416. The third communication interface428 can be implemented with technologies and techniques similar to theimplementation of the third control interface 422.

The third user interface 418 allows a user (not shown) to interface andinteract with the third device 108. The third user interface 418 caninclude an input device and an output device. Examples of the inputdevice of the third user interface 418 can include a keypad, a touchpad,soft-keys, a keyboard, a microphone, an infrared sensor for receivingremote signals, or any combination thereof to provide data andcommunication inputs.

The third user interface 418 can include a third display interface 430.The third display interface 430 can include an output device. The thirddisplay interface 430 can include a display, a projector, a videoscreen, a speaker, or any combination thereof.

The third control unit 412 can operate the third user interface 418 todisplay information generated by the computing system 100. The thirdcontrol unit 412 can also execute the third software 426 for the otherfunctions of the computing system 100, including receiving locationinformation from the third location unit 420. The third control unit 412can further execute the third software 426 for interaction with thenetwork 104 via the third communication unit 416.

The third location unit 420 can generate location information, currentheading, current acceleration, and current speed of the third device108, as examples. The third location unit 420 can be implemented in manyways. For example, the third location unit 420 can function as at leasta part of the global positioning system, an inertial computing system, acellular-tower location system, a pressure location system, or anycombination thereof. Also, for example, the third location unit 420 canutilize components such as an accelerometer or GPS receiver.

The third location unit 420 can include a third location interface 432.The third location interface 432 can be used for communication betweenthe third location unit 420 and other functional units in the thirddevice 108. The third location interface 432 can also be used forcommunication external to the third device 108.

The third location interface 432 can receive information from the otherfunctional units or from external sources, or can transmit informationto the other functional units or to external destinations. The externalsources and the external destinations refer to sources and destinationsexternal to the third device 108.

The third location interface 432 can include different implementationsdepending on which functional units or external units are beinginterfaced with the third location unit 420. The third locationinterface 432 can be implemented with technologies and techniquessimilar to the implementation of the third control unit 412.

For illustrative purposes, the third device 108 is shown with thepartition having the third user interface 418, the third storage unit414, the third control unit 412, and the third communication unit 416,although it is understood that the third device 108 can have a differentpartition. For example, the third software 426 can be partitioneddifferently such that some or all of its function can be in the thirdcontrol unit 412 and the third communication unit 416. Also, the thirddevice 108 can include other functional units not shown in FIG. 4 forclarity.

The functional units in the third device 108 can work individually andindependently of the other functional units. The third device 108 canwork individually and independently from the first device 102, thesecond device 106, the fourth device 110, and the network 104.

For illustrative purposes, the computing system 100 is described byoperation of the first device 102 and the third device 108. It isunderstood that the first device 102, the second device 106, the fourthdevice 110, and the third device 108 can operate any of the modules andfunctions of the computing system 100.

Referring now to FIG. 5, therein is shown a control flow 500 of thecomputing system 100 of FIG. 1. The computing system 100 can include aprotocol analysis module 502, a unification module 504, an exchangemodule 506, or a combination thereof.

The protocol analysis module 502 can be coupled to the unificationmodule 504, the exchange module 506, or a combination thereof by havingthe input of one module connected to the output of another, such as byusing wired or wireless connections, the network 104 of FIG. 1,instructional steps, process sequence, or a combination thereof. Theunification module 504 can be similarly coupled to the exchange module506.

The modules can be coupled directly, without any other interveningstructures other than the structure providing the direct connection. Themodules can further be coupled indirectly, through a shared connectionor other functional structures between the coupled modules.

As a more specific example, one or more outputs of the protocol analysismodule 502 can be connected, either directly or indirectly, to one ormore inputs of the unification module 504 using conductors or wirelesscommunication devices. The unification module 504 can similarly beconnected to the exchange module 506, which can be similarly connectedto the protocol analysis module 502.

The computing system 100 can operate a device, such as by displayingimages, recreating sounds, executing or exchanging process steps orinstructions, or a combination thereof with or based on the protocolanalysis module 502, the unification module 504, the exchange module506, or a combination thereof. The computing system 100 can also operatethe device by having the device perform designated instructions, sendingdesignated instructions to the device, or a combination thereof usingone or more of the modules listed above.

The protocol analysis module 502 is configured to analyze the exchangeprotocol 236 of FIG. 2. The protocol analysis module 502 can determinethe protocol profile 240 of FIG. 2 based on analyzing the exchangeprotocol 236.

For example, the protocol analysis module 502 can determine the protocolprofile 240 including the first protocol 244 of FIG. 2 and the secondprotocol 246 of FIG. 2 for communicating between the first device 102 ofFIG. 1, the second device 106 of FIG. 3, the third device 108 of FIG. 3,or a combination thereof. As a more specific example, the protocolanalysis module 502 can determine the protocol profile 240 including theprivate sharing mechanism 248 of FIG. 2 for the first protocol 244, thevector testing mechanism 250 of FIG. 2 for the second protocol 246, or acombination thereof.

The protocol analysis module 502 can determine the protocol profile 240by determining the profile boundary 242 of FIG. 2, the protocol sequence252 of FIG. 2, the protocol scenario 254 of FIG. 2, the field format 256of FIG. 2, or a combination thereof. The protocol analysis module 502can include a boundary module 508, a sequence analysis module 510, aformat analysis module 512, or a combination thereof for determining theprotocol profile 240.

The boundary module 508 is configured to determine the profile boundary242. The boundary module 508 can determine the profile boundary 242based on a selection or a predetermination from the user, the computingsystem 100, a developer, or a combination thereof. The boundary module508 can set the profile boundary 242 to one or more instance of anapplication 514, to an operating system 516, the social network service202, or a combination thereof.

The application 514 is an individual set of instructions for performinga specific action. The application 514 can be can be softwareapplication or executable, a hardware accelerator, a hardware device, ora combination thereof. The application 514 can include an execution fileused to realize or complete a user-initiated action for enabling theuser to perform specific functions.

The operating system 516 is software controlling execution of theapplication 514. The operating system 516 can provide an environment forone or more instances of the application 514. The operating system 516can include functions for integrating software instructions and hardwareexecutions.

For illustrative purposes, the computing system 100 will be described ashaving the profile boundary 242 set to a single instance of theapplication 514 or a single instance of the social network service 202independent of the operating system 516 for analyzing the instances ofthe exchange protocol 236 used therein. However, it is understood thatthe profile boundary 242 can be set to multiple instances of theapplication 514, the operating system 516, or a combination thereof foranalyzing the instances of the exchange protocol 236 used therein.

The boundary module 508 can use the first user interface 318 of FIG. 3,the first communication unit 316 of FIG. 3, the second communicationunit 336 of FIG. 3, the second user interface 338 of FIG. 3, the thirdcommunication unit 416 of FIG. 4, the third user interface 418 of FIG.4, or a combination thereof to receive the selection for determining theprofile boundary 242. The boundary module 508 can further use the firstcontrol interface 322 of FIG. 3, the second control interface 344 ofFIG. 3, the third control interface 422 of FIG. 4, the first storageinterface 324 of FIG. 3, the second storage interface 348 of FIG. 3, thethird storage interface 424 of FIG. 4, or a combination thereof toaccess the predetermined selection for determining the profile boundary242. The boundary module 508 can use the first control unit 312 of FIG.3, the second control unit 334 of FIG. 3, the third control unit 412 ofFIG. 3, or a combination thereof in addition to the above to determinethe profile boundary 242 as the received or accessed selection.

The sequence analysis module 510 is configured to determine the protocolsequence 252, the protocol scenario 254 associated thereto, or acombination thereof used within the profile boundary 242. The sequenceanalysis module 510 can determine the protocol sequence 252 using avariety of methods.

For example, the sequence analysis module 510 can determine the protocolsequence 252 by testing the application 514 corresponding to the profileboundary 242. The sequence analysis module 510 can use inputs,functions, outputs, or a combination thereof for the application 514 aspredetermined by the computing system 100, a provider or a developer ofthe application 514, the user or a combination thereof to test theapplication 514. The sequence analysis module 510 can further determinethe conditions, the input-output relationship, or a combination thereofas the protocol scenario 254.

Also for example, the sequence analysis module 510 can determine theprotocol sequence 252 and corresponding instance of the protocolscenario 254 by accessing the protocol sequence 252 provided by thecomputing system 100, a provider or a developer of the application 514,the user or a combination thereof. The sequence analysis module 510 canaccess stored instances of the protocol sequence 252, receivedcommunicated instances of the protocol sequence 252, or a combinationthereof.

The sequence analysis module 510 can use the first control unit 312, thesecond control unit 334, the third control unit 412, the firstcommunication unit 316, the second communication unit 336, the thirdcommunication unit 416, or a combination thereof to test the application514 and determine the protocol sequence 252. The sequence analysismodule 510 can store the protocol sequence 252 in the first storage unit314 of FIG. 3, the second storage unit 346 of FIG. 3, the third storageunit 414 of FIG. 4, or a combination thereof. The sequence analysismodule 510 can use the first communication interface 328 of FIG. 3, thesecond communication interface 350 of FIG. 3, the third communicationinterface 428 of FIG. 4, the first storage interface 324, the secondstorage interface 348, the third storage interface 424, or a combinationthereof to access the protocol sequence 252.

The format analysis module 512 is configured to determine the fieldformat 256, the protocol scenario 254 associated thereto, or acombination thereof used within the profile boundary 242. The formatanalysis module 512 can determine the field format 256 using methodssimilar to the sequence analysis module 510. For example, the formatanalysis module 512 can determine the field format 256 by testing theapplication 514 and analyzing exchanged contents similarly as describedabove. Also for example, the format analysis module 512 can access thefield format 256 similarly as described above.

After determining the protocol profile 240, the control flow 500 can bepassed to the unification module 504. The control flow 500 can passthrough a variety of ways. For example, control flow 500 can pass byhaving processing results of one module passed to another module, suchas by passing the protocol profile 240 from the protocol analysis module502 to the unification module 504, by storing the processing results ata location known and accessible to the unification module 504, bynotifying the unification module 504, such as by using a flag, aninterrupt, a status signal, or a combination thereof, or a combinationof processes thereof.

The unification module 504 is configured to generate theunified-protocol privacy mechanism 258 of FIG. 2. The unification module504 can generate the unified-protocol privacy mechanism 258 based on theprotocol profile 240.

For example, the unification module 504 can generate theunified-protocol privacy mechanism 258 by combining the instances of theexchange protocol 236 included in the protocol profile 240. As a morespecific example, the unification module 504 can generate theunified-protocol privacy mechanism 258 by combining the first protocol244 and the second protocol 246, including the private sharing mechanism248, the vector testing mechanism 250, the Private Set IntersectionProtocol, or a combination thereof.

The unification module 504 can generate the unified-protocol privacymechanism 258 for the privacy protection scenario 228 of FIG. 2 insteadof for improving efficiency, speed, or accuracy. For example, theunification module 504 can generate the unified-protocol privacymechanism 258 for protecting the content information 216 from detection,access, inference thereof, or a combination thereof by the unintendedobserver 214 of FIG. 2.

Continuing with the example, the unintended observer 214 can determineor infer data regarding the content information 216 based on usage ofthe first protocol 244 or the second protocol 246 according to theprotocol scenario 254. The unification module 504 can generate theunified-protocol privacy mechanism 258 for use across all instances ofthe protocol scenario 254 in places of all instances of the exchangeprotocol 236, including the first protocol 244 and the second protocol246.

As a more specific example, the unintended observer 214 can determinethe privacy rating 222 of FIG. 2 associated with the relevant location218 shared as the content information 216 based on the exchange protocol236 used to share the content information 216. Also as a more specificexample, the unintended observer 214 can determine the accountconnection 208 of FIG. 2, including a nature or a degree ofrelationship, between the source account 210 of FIG. 2 and the receiveraccount 212 of FIG. 2 based on the exchange protocol 236 or the inferredinstance of the privacy rating 222.

The unification module 504 can generate the unified-protocol privacymechanism 258 independent of the privacy rating 222 associated with therelevant location 218. The unification module 504 can generate theunified-protocol privacy mechanism 258 having same instances of theunified sequence 260 of FIG. 2, the unified format 262 of FIG. 2, or acombination thereof regardless of the privacy rating 222.

The unification module 504 can generate the unified-protocol privacymechanism 258 by generating the unified sequence 260, the unified format262, or a combination thereof. The unification module 504 can generatethe unified sequence 260, the unified format 262, or a combinationthereof using a variety of methods.

For example, the unification module 504 can generate the unifiedsequence 260 by appending the protocol sequence 252 for one instance ofthe exchange protocol 236 to an end of the protocol sequence 252 foranother instance of the exchange protocol 236. As a more specificexample, the unification module 504 can generate the unified sequence260 by adding the protocol sequence 252 of the second protocol 246, suchas the vector testing mechanism 250, to the end of the protocol sequence252 of the first protocol 244, such as the private sharing mechanism248, or appending using a reversed order.

Also for example, the unification module 504 can generate the unifiedsequence 260 by alternating individual steps in the protocol sequence252 for the instances of the exchange protocol 236. As a more specificexample, the unification module 504 can generate the unified sequence260 having the first individual step of the first protocol 244, followedby the first individual step of the second protocol 246, beforeexecuting the second individual step of the first protocol 244.

Also for example, the unification module 504 can identify commonindividual steps across the instances of the exchange protocol 236. Theunification module 504 can combine the individual steps after matchingthe sequence or timing of the common individual steps, and byeliminating the redundant common individual steps.

As a more specific example, the first protocol 244 can include theindividual steps A1, A2, A3, and A4, and the second protocol 246 caninclude the individual steps A0, B1, A2, B2, C1, A4, and B3. Theunification module 504 can identify A2 and A4 common in both the firstprotocol 244 and the second protocol 246. The unification module 504 canalign the two instances of the individual steps based on the commonsteps as exemplified below:

A1-A2-A3-A4

A0-B1-A2-B2-C1-A4-B3

Continuing with the specific example, the unification module 504 canthen combine the individual steps between the common steps, such as bycombining steps A0, A1, and B1, steps A3, B2, and C1, or a combinationthereof. The unification module 504 can then generate the unifiedsequence 260 by only performing the common steps once.

Continuing with the example, the unification module 504 can combine theindividual steps described above by appending the second protocol 246 tothe end of the first protocol to generate A1, A0, B1, A2, A3, B2, C1,A4, and B3. The unification module 504 can alternatively combine theindividual steps described above by alternating the individual stepswith the second protocol 246 occurring before the first protocol 244 togenerate A0, A1, B1, A2, B2, A3, C1, A4, and B3.

For illustrative purposes, the unification module 504 is described asgenerating the unified sequence 260 having the first protocol 244 beforethe second protocol 246. However, it is understood that the unificationmodule 504 can have different ordering, such as having the secondprotocol 246 before the first protocol 244.

For further illustrative purposes, the unification module 504 isdescribed as combining two instances of the exchange protocol 236.However, it is understood that the unification module 504 can combineany number of instances of the exchange protocol 236, such as for threeor more, using the methods described above.

The unification module 504 can generate the unified format 262 usingmethods similar to ones described above. For example, the unificationmodule 504 can generate the unified format 262 by appending the fieldformat 256 for one instance of the exchange protocol 236 to the end ofanother, by alternating a portion or a unit in one instance of theexchange protocol 236 with another, or a combination thereof. Also forexample, the unification module 504 can generate the unified format 262by identifying the common portions or units, aligning and combiningbased on the common portions or units.

The unification module 504 can generate the unified-protocol privacymechanism 258 utilizing the placeholder content 264 of FIG. 2, aplaceholder node 518, or a combination thereof. The placeholder node 518is a representation of a non-existing device necessary for unifyingcommunication across multiple instances of the exchange protocol 236.The unification module 504 can generate the unified-protocol privacymechanism 258 utilizing the placeholder node 518 for communicating thecontent information 216 between devices within the computing system 100.

For example, the placeholder node 518 can represent the first device102, the second device 106, the third device 108, any other devicethere-between or in the network 104 of FIG. 1, or a combination thereof.As a more specific example, the first protocol 244 can include exchangesdirectly between the first device 102 and the third device 108 with thesecond device 106 or devices in the network 104 being passive or onlypassing the information there-through. The second protocol 246 caninclude exchanges between the first device 102 and the third device 108with the second device 106 or the devices in the network 104 interactingand influencing the communication.

Continuing with the example, the unification module 504 can utilize theplaceholder node 518 to account for the differences in the function ofthe second device 106 or the devices in the network 104. The unificationmodule 504 can utilize the placeholder node 518 to replicate oreliminate the functions of the device existing in only part of theinstances of the exchange protocol 236 within the protocol profile 240.

The unification module 504 can similarly generate the unified-protocolprivacy mechanism 258 to utilize or include the placeholder content 264.For example, the unification module 504 can generate theunified-protocol privacy mechanism 258 to utilize or include theplaceholder content 264 to replicate or eliminate data existing in onlypart of the instances of the exchange protocol 236 within the protocolprofile 240.

For example, the unification module 504 can generate theunified-protocol privacy mechanism 258 to utilize the placeholdercontent 264 when exchanging data corresponding to the individual step ofthe exchange protocol 236 not applicable to the protocol scenario 254.As a more specific example, the protocol scenario 254 can require usageof one instance of the exchange protocol 236 but the unified-protocolprivacy mechanism 258 can include the individual steps from the otherinstance of the exchange protocol 236. The unification module 504 cangenerate the unified-protocol privacy mechanism 258 to utilize theplaceholder content 264 when exchanging data for the other instance ofthe exchange protocol 236 within the unified-protocol privacy mechanism258

Continuing with the example listed above, the unification module 504 cangenerate the unified-protocol privacy mechanism 258 to utilize theplaceholder content 264 for the individual steps A0, B1, B2, C1, and B3in the unified-protocol privacy mechanism 258 when the protocol scenario254 for the first protocol 244 is satisfied. The unification module 504can generate the unified-protocol privacy mechanism 258 to utilize theplaceholder content 264 for the individual steps A1 and A3 in theunified-protocol privacy mechanism 258 when the protocol scenario 254for the second protocol 246 is satisfied.

The unification module 504 can generate the unified-protocol privacymechanism 258 utilizing the placeholder content 264 independent of thecontent information 216. The unified-protocol privacy mechanism 258 canbe independent of the content information 216 since the use of theplaceholder content 264 allows for the usage of the unified-protocolprivacy mechanism 258 regardless of satisfying any specific instance ofthe protocol scenario 254 and the corresponding instance of the exchangeprotocol 236 included in the protocol profile 240 as described above.

It has been discovered that the unified-protocol privacy mechanism 258combining at least the first protocol 244 and the second protocol 246for the privacy protection scenario 228 provides increased protectionfor the content information 216 from access by the unintended observer214 of FIG. 2. The unified-protocol privacy mechanism 258 combiningmultiple instances of the exchange protocol 236 can use the unifiedsequence 260, the unified format 262, or a combination thereofregardless of the protocol scenario 254 corresponding to the combinedinstances of the exchange protocol 236. The uniformity can prevent theunintended observer from inferring data regarding the contentinformation 216 exchanged using the unified-protocol privacy mechanism258.

The unification module 504 can use the first control unit 312, thesecond control unit 334, the third control unit 412, or a combinationthereof to generate the unified-protocol privacy mechanism 258. Theunification module 504 can store the unified-protocol privacy mechanism258 in the first storage unit 314, the second storage unit 346, thethird storage unit 414, or a combination thereof.

After generating the unified-protocol privacy mechanism 258, the controlflow 500 can be passed to the exchange module 506. The control flow 500can pass similarly as described above between the protocol analysismodule 502 and the unification module 504, but using the processingresults of the unification module 504, such as the unified-protocolprivacy mechanism 258.

The exchange module 506 is configured to communicate the contentinformation 216 according to the unified-protocol privacy mechanism 258.The exchange module 506 can communicate the content information 216between devices within the computing system 100, including the firstdevice 102, the second device 106, the third device 108, or acombination thereof. For example, the exchange module 506 cancommunicate the content information 216 based the relevant location 218,the message 220, or a combination thereof.

The exchange module 506 can communicate the content information 216 bysending, receiving, processing or a combination thereof for the contentinformation 216, header information associated thereto, protocolcommands or replies, a portion therein, or a combination thereofaccording to the unified-protocol privacy mechanism 258. For example,the exchange module 506 can send, receive, process, or a combinationthereof for the encryption key 234 of FIG. 2, the protocol key 238 ofFIG. 2, a derivation thereof, or a combination thereof according to aspecific order or circumstance as described by the unified-protocolprivacy mechanism 258. Detailed example regarding the communication willbe described below.

The exchange module 506 can further generate and utilize thecache-communication profile 266 of FIG. 2. The exchange module 506 cangenerate the cache-communication profile 266 using a method or amechanism predetermined by the computing system 100, the user, or acombination thereof. The exchange module 506 can generate thecache-communication profile 266 to initiate the communication after thecontent origination time 224 of FIG. 2, at the content share time 226 ofFIG. 2, when the online status 268 of FIG. 2 is offline, or acombination thereof.

The exchange module 506 can generate the cache-communication profile 266to communicate the content information 216 or a portion therein at atime later than the content origination time 224, at the content sharetime 226, independent of the online status 268, or a combinationthereof. The exchange module 506 can further generate thecache-communication profile 266 to communicate the placeholder content264 in a similar manner.

For example, the exchange module 506 can generate thecache-communication profile 266 to communicate the content information216, the placeholder content 264, such as random or fake sharings, or acombination thereof. The exchange module 506 can generate thecache-communication profile 266 to communicate the content information216 from the first device 102 to the second device 106, from the seconddevice 106 to the third device 108, or a combination thereof after theonline status 268 goes offline, at a time later than the contentorigination time 224, at the content share time 226, over a period oftime, or a combination thereof.

It has been discovered that the unified-protocol privacy mechanism 258utilizing the placeholder content 264 provides increased security androbustness. The unified-protocol privacy mechanism 258 utilizing theplaceholder content 264 can allow for integration between instances ofthe exchange protocol 236 having mismatching instances of the protocolsequence 252, the protocol scenario 254, the field format 256 or acombination thereof. The placeholder content 264 can be used to balancethe mismatch in combining the instances of the exchange protocol 236 toprotect inference from the unintended observer 214.

It has been discovered that the unified-protocol privacy mechanism 258utilizing the placeholder node 518 provides increased security androbustness. The unified-protocol privacy mechanism 258 utilizing theplaceholder node 518 can allow for integration between instances of theexchange protocol 236 having mismatching instances of communicationparties, such as utilizing interaction from the server or having apassive instance of the server. The placeholder node 518 can be used tobalance the mismatch in combining the instances of the exchange protocol236 to protect inference from the unintended observer 214.

The exchange module 506 can generate the cache-communication profile 266to control the content share time 226 for communicating the contentinformation 216. The exchange module 506 can add a delay between thecontent origination time 224 and the content share time 226, betweenwhen the online status 268 goes offline and the content share time 226,or a combination thereof. The exchange module 506 can generate the delayaccording to a method or a mechanism predetermined by the computingsystem 100, the user, or a combination thereof.

It has been discovered that the cache-communication profile 266utilizing the placeholder content 264 for the privacy protectionscenario 228 provides increased protection. The cache-communicationprofile 266 utilizing the placeholder content 264 can providecommunications that mimic exchanges to prevent the unintended observer214 from determining the online status 268 of the user, determine thecontent share pattern 230, or a combination thereof.

The exchange module 506 can use the first control interface 322, thesecond control interface 344, the third control interface 422, the firstcommunication interface 328, the second communication interface 350, thethird communication interface 428, the first storage interface 324, thesecond storage interface 348, the third storage interface 424, or acombination thereof to access the method or the mechanism. The exchangemodule 506 can use the first control unit 312, the second control unit334, the third control unit 412, or a combination thereof to generatethe cache-communication profile 266.

The exchange module 506 can store the content information 216 in thefirst storage unit 314, the second storage unit 346, the third storageunit 414, or a combination thereof until the content share time 226according to the cache-communication profile 266. The exchange module506 can use the first communication unit 316, the second communicationunit 336, the third communication unit 416, or a combination thereof tocommunicate the content information 216 according to thecache-communication profile 266.

The exchange module 506 can determine the communication history 270 ofFIG. 2. The exchange module 506 can determine the communication history270 by logging data regarding the communication or the exchange betweendevices.

Information or metadata regarding communications between devices,between the individual accounts 204 of FIG. 2, or a combination thereofcan be passed to the protocol analysis module 502. The protocol analysismodule 502 can use the communication information or metadata to furtheranalyze the exchange protocol 236.

The control flow 500 or the method 500 of operation of the computingsystem 100 includes: determining a protocol profile including a firstprotocol and a second protocol for communicating between a first deviceand a second device; generating a unified-protocol privacy mechanismwith a control unit for a privacy protection scenario, theunified-protocol privacy mechanism based on combining the first protocoland the second protocol; and communicating content information accordingto the unified-protocol privacy mechanism between the first device andthe second device.

Referring now to FIG. 6, therein is shown a detailed example of theprivate sharing mechanism 248. The private sharing mechanism 248 caninclude a two-party protocol with the relevant location 218 of FIG. 2,represented as ‘x_(B)’ and ‘x_(A)’. The relevant location 218 can beencrypted by the source account 210 of FIG. 2, represented as ‘B’ forprotecting the content information 216 of FIG. 2 from the unintendedobserver 214 of FIG. 2, including any server.

The source account 210 or a device associated therewith, such as thefirst device 102, the second device 106, the third device 108, or acombination thereof can encrypt the content information 216 using thecontent encryption mechanism 232 of FIG. 2. The source account 210 orthe device associated therewith can mask the relevant location 218 withthe output of the pseudorandom function (PRF), represented as ‘E’. Thebit size of the mask can be determined by the location precision, suchas based on the privacy rating 222 of FIG. 2.

The computing system 100 of FIG. 1 can use the first control unit 312 ofFIG. 3, the second control unit 334 of FIG. 3, the third control unit412 of FIG. 4, or a combination thereof to encrypt the information. Thecomputing system 100 can use a single encryption for the contentencryption mechanism 232 for multiple sharing instances. For example,when the relevant location 218 is presented by 32-bits and E is 128-bitblock cipher, such as AES, both the source account 210 and the receiveraccount 212 of FIG. 2, represented as ‘A’, can perform a singleencryption of a counter value 602, represented as ‘ctr’ with a sharedkey, such as the encryption key 234 of FIG. 2, represented as ‘k’, anduse selected blocks of the ciphertext therein, represented as ‘k₁’, formasking.

For the private sharing mechanism 248, the server, such as the seconddevice 106, can remain passive. The computing system 100 can include theserver only transmitting or relaying the messages for the privatesharing mechanism 248.

The computing system 100 can process the relevant location 218 when theusers want to share their relevant location 218 with only their nearbycontacts, such as within a circle of radius r, who have made theirlocation visible, such as available, approximate, or nearby. Since theprivate sharing mechanism 248 includes unconditional sharing,requirement for the relevant location 218 for the account connection 208of FIG. 2 or proximity thereof before the communication may not beutilized using the private sharing mechanism 248.

For example, when user A receives location information x_(B) from userB, user A can determine that user B is nearby and decide to share hislocation information x_(A). This can represent a natural interaction ina location sharing service. The private sharing mechanism 248 can stillbe used after checking a contact's location or proximity. However, theprivate sharing mechanism 248 can be more complicated when two userswant to share their locations to each other only if the other is nearby.

Referring now to FIG. 7, therein is shown a detailed example of thevector testing mechanism 250. The computing system 100 of FIG. 1 cantest whether the user or the device associated therewith, such as thefirst device 102, the third device 108, or a combination thereof, iswithin a given range, such as within a circle centered on a location.The proximity testing can involve distance calculations and comparisons.However, these calculations can be extremely expensive for the privacyprotection scenario 228 of FIG. 2.

The computing system 100 can label the neighborhoods or geographicalgrids with some unique identifiers, and test the proximity by checkingwhether two person or objects have the same identifier. Various variantsof Private Equality Testing (PET) schemes can be key ingredient used fortesting the proximity in a private setting. The vector testing mechanism250 can include a Vectorial Private Equality Testing as a lightweightthree-party protocol based on symmetric-key primitives.

For example, the computing system 100 can include a situation where thesource account 210 of FIG. 2 can share the content information 216 ofFIG. 2 including the relevant location 218 of FIG. 2 with the receiveraccount 212 of FIG. 2 only if the receiver account 212 also shares therelevant location 218 thereof. Location values can be mapped to vectorsusing a vectorization process and these vectors can be masked using:(s,θ)=E _(k)(ctr).  Equation (1).The source account 210 can arrange the output of the PRF, represented as‘E’, with ‘s’ representing a vector having random entries and ‘θ’representing a rotation angle.

The computing system 100 can use the source account 210 or the deviceassociated therewith to calculate:b=rR(x _(B),θ)+s.  Equation (2).A non-zero random number can be represented by ‘r’, and ‘s’ can be basedon the E function. The source account 210 can send ‘b’ and ‘ctr’ to theserver, including the second device 106.

The receiver account 212, in order to compute whether the source account210 or the device associate therewith is nearby, can first query theserver to obtain the latest value of the counter value 602 of FIG. 6,represented as ‘ctr’, from the source account 210. The source account210 can abort if the counter value 602 received through or from thesecond device 106, such as the server, is not fresh or recent.Otherwise, the receiver account 212 can compute ‘(s, θ)=E_(k)(ctr)’ anda unit vector ‘u’ perpendicular to ‘x_(A)’. The receiver account 212 canblind ‘u’ using the rotation function ‘R’, where ‘θ’ is pseudorandomvalue by definition. The receiver account 212 can send ‘a=R(u, θ)’ andthe counter value 602 to the second device 106.

The second device 106 can match the messages having the same instance orvalue of the counter value 602 from the source account 210 and thereceiver account 212. The second device 106 can perform a single innerproduct operation giving m=<a, b>, then send ‘m’ to the receiver account212, with:m=<a,b>=<R(u,θ),rR(x _(B),θ)+s>=r<R(u,θ),R(x_(B),θ)>+<R(u,θ),s>.  Equation (3).Angle preserving map can be represented by ‘R’, and R(x_(B), θ) can beperpendicular to the vector R(u, θ) when the private values or vectorsof the source account 210 and the receiver account 212 are same thesame, such as “x_(A)=x_(B)”.

The receiver account 212 can compute this value as it does not containthe blinding ‘r’. The receiver account 212 can calculate <R(u, θ), s)>,and when the receiver account 212 finds that m=<R(u, θ), s)>, thereceiver account 212 can learn that the user has the same private vectoras the source account 210.

Referring now to FIG. 8, therein is shown a detailed example of aprivate-set intersection protocol 802. The private-set intersectionprotocol 802 can be an instance of the exchange protocol 236 of FIG. 2similar to the vector testing mechanism 250 of FIG. 7. The private-setintersection protocol 802 can require larger data size as it is used infinding the intersection of two sets. The private-set intersectionprotocol 802 can allow two parties holding sets A and B to compute theintersection I=A∩B without revealing to the other party any additionalinformation about their respective sets. Either party, or both, maylearn the intersection depending on the application.

The source account 210 of FIG. 2 and the receiver account 212 of FIG. 2can register and set up set up a shared key, represented by ‘k_(user)’.All communication between the source account 210, the receiver account212, the server, or a combination thereof can be encrypted using thecontent encryption mechanism 232 of FIG. 2.

When the source account 210 and the receiver account 212 are connectedthrough the account connection 208 of FIG. 2, the source account 210 andthe receiver account 212 can set up a shared key, represented as‘k_(AB)’, such as the encryption key 234 of FIG. 2. The source account210 and the receiver account 212 can maintain the counter value 602 ofFIG. 6 for their correspondence, with initially setting of 0. The sourceaccount 210 and the receiver account 212 can utilized keyed PRF tosecure the communication between parties.

For example, the source account 210 can start with computingG(t)=Π_(i=0) ^(n)(t−y_(i)) using a private set B={y₁, y₂, . . . , y_(n)}having n elements. The source account 210 can compute the polynomialsthat required to hide G(t). The source account 210 can increment thecounter value 602 and compute E_(k) _(AB) (ctr) to get some pseudorandom bytes and use these in generating the shared polynomials R(t) andQ(t). Using the same value of the counter value 602, the source account210 can compute E_(k) _(B) (ctr) to get some pseudo random bytes togenerate the shared polynomial S(t) with the server, such as the seconddevice 106.

Same polynomials R(t), Q(t), and S(t) can be required from the receiveraccount 212 and the server, respectively. The source account 210 cancompute B(t)=S(t)(G(t)+R(t))+Q(t) and send it to the server.

Involvement of the receiver account 212 can consist of two stages: thereceiver account 212 can query the server to obtain the latest value ofthe counter value 602 from the source account 210. If the value receivedis not fresh or current, such as when the receiver account 212 haspreviously used the counter value 602, the receiver account 212 canabort. The receiver account 212 can compute E_(k) _(AB) (ctr) in orderto generate the shared polynomials R(t) and Q(t). The receiver account212 can further compute (t)=Π_(i=0) ^(m)(t−x_(i)) using a private setA={x₁, x₂, . . . , x_(m)} having m elements and sends A(t)=F(t)+R(t) tothe server.

The server can find the messages from the receiver account 212 and thesource account 210 that have the same value for the counter value 602.The server, such as the social network service 202 of FIG. 2 or thesecond device 106, can compute:M(t):=B(t)−S(t)A(t)=S(t)(G(t)−F(t))+Q(t).  Equation (4).

The server can send ‘M(t)’ to the receiver account 212. The receiveraccount 212 can receive ‘M(t)’ from the server. The receiver account 212can checks whether M(t) and Q(t) agrees with private values of thereceiver account 212. The receiver account 212 can conclude that thevalues satisfying the equality are the values in the intersection. Thereceiver account 212 can learn the intersection, but not any otherinformation regarding the private set of the source account 210.

Referring now to FIG. 9, therein is shown a detailed example of theunified-protocol privacy mechanism 258 of FIG. 2. The unification module504 of FIG. 5 can generate the unified-protocol privacy mechanism 258 bycombining instances of the exchange protocol 236 of FIG. 2 as describedabove. For example, the unification module 504 can combine the vectortesting mechanism 250 of FIG. 2 of and the private sharing mechanism 248of FIG. 2.

As a first step, the unification module 504 can combine the privatesharing mechanism 248 and the vector testing mechanism 250, and thenmerge its results with the private-set intersection protocol 802 of FIG.8. Since the private sharing mechanism 248 is a two-party protocol thatsimply encrypts the location information and passes to the communicatingparty, the unification module 504 can utilize the placeholder node 518.

The unification module 504 can further add a redundant request-responsefor the counter value 602 between the receiver account 212 and theserver for matching the protocol sequence 252 of FIG. 2 or the trafficof the private sharing mechanism 248 and the vector testing mechanism250. The unification module 504 can utilize the placeholder content 264of FIG. 2 for the redundant request-response.

The unification module 504 can generate the unified-protocol privacymechanism 258 of FIG. 2 with overloading specific location coordinatesto carry special meaning. For example, the specific location coordinatescan include ‘not nearby’, represented by ‘x_(n)’, ‘nearby’, representedby ‘x_(y)’, or ‘invisible’, represented by ‘x_(i)’. The unificationmodule 504 can use the specific location as a dummy location through theplaceholder content 264 of FIG. 2. For example, the placeholder content264 can include longitudes larger than 180. The placeholder content 264for the x_(i) coordinate can be used with the private sharing mechanism248 when the user wants to be invisible with respect to another user.

The unification module 504 can generate the unified-protocol privacymechanism 258 including the unified format 262. The unified format 262can include the counter value 602, a first direction field 902, a seconddirection field 904, a cell number, a vector 906, or a combinationthereof. The counter value 602, the first direction field 902, thevector, or a combination thereof can be mandatory for a first iteration.The second direction field 904, the cell number, or a combinationthereof can be random bit when the first direction field 902 indicatesthe private sharing mechanism 248.

The counter value 602 is a representation of a reference regarding thecommunication between the source account 210 and the receiver account212. The counter value 602 can be a random value or a value startingfrom 0 and incrementing each time the source account 210 and thereceiver account 212 communicates.

The first direction field 902 is a description of the instance of theexchange protocol 236 appropriate from the perspective of the sourceaccount 210. The second direction field 904 is a description of theinstance of the exchange protocol 236 appropriate from the perspectiveof the receiver account 212. The first direction field 902, the seconddirection field 904, or a combination thereof can be based on theprotocol scenario 254 for a corresponding instance of the exchangeprotocol 236 in comparison with previous usage, context, user selection,or a combination thereof.

The cell number can include an identification of a geographic area or aregion having the source account 210, the receiver account 212, thedevice associated therewith, or a combination thereof therein. Thevector 906 is the information intended for communication. The vector 906can include the content information 216 of FIG. 2 or a portion therein.For example, the vector 906 can represent the relevant location 218.

The unification module 504 can generate the unified-protocol privacymechanism 258 including the unified sequence 260 of FIG. 2 utilizing apayload matching process. The unification module 504 can utilize thepayload matching process including a check-in process and a retrievalprocess for communicating an initial data 908. The initial data 908 caninclude data exchanged between devices for an initial iteration of theunified-protocol privacy mechanism 258.

The check-in process can be performed by the source account 210 of FIG.2 to share the relevant location 218 of FIG. 2 with the receiver account212 of FIG. 2. The receiver account 212 can perform the retrievalprocess to access the relevant location 218 from the source account 210.The retrieval process can be performed at any time after the check-inprocess regardless of the online status 268 of FIG. 2 of the sourceaccount 210.

The source account 210 and the receiver account 212 can share a key,represented as ‘k’, such as the protocol key 238 of FIG. 2. The sourceaccount 210 and the receiver account 212 can create a source key and areceiver key, such as ‘k₁’ and ‘k₂’, by encrypting the counter value 602with the key. The unification module 504 can generate theunified-protocol privacy mechanism 258 to identify the protocol key 238for communicating between the devices, generating the counter value 602encrypted with the protocol key 238 for communicating the counter value602 between the devices, or a combination thereof.

The check-in process can be based on the communication history 270 ofFIG. 2 between the source account 210 and the receiver account 212. Forexample, the check-in process can determine an appropriateness, aprevious usage, a preference, or a combination thereof for an instanceof the exchange protocol 236, such as the vector testing mechanism 250or the private sharing mechanism 248, for the first device 102, thesecond device 106, the third device 108, the source account 210, thereceiver account 212, or a combination thereof.

The source account 210 can generate a random number for the countervalue 602. The source account can encrypt the counter value 602 with thekey ‘k’. The source account 210 can communicate the counter value 602 tothe server and two encrypted bits.

It has been discovered that the protocol key 238 provides increasedlevel of security. The protocol key 238 shared between the sourceaccount 210 and the receiver account 212 can allow the usage of theunified-protocol privacy mechanism 258 for communicating only betweenthe source account 210 and the receiver account 212. The source account210 and the receiver account 212 can recognize and process the exchangedinformation according to a common instance of the unified sequence 260or the unified format 262 for both the source account 210 and thereceiver account 212 as accessed through the protocol key 238.

The two encrypted bits can include the first direction field 902representing the privacy rating 222 of FIG. 2, for a granularity of therelevant location 218 shared with the source account 210. The firstdirection field 902 can further indicate whether the source account 210can use the vector testing mechanism 250 or the private sharingmechanism 248. The first direction field 902 can be represented as‘b_(B) _(→) _(A)’.

The other bit of the two encrypted bits can include the second directionfield 904 for representing a sharing granularity of the receiver account212 toward the source account 210. The second direction field 904 can bebased on the communication history 270, stored from the previousretrieval of the receiver account 212, such as for ‘b_(A) _(→) _(B)’.

The unification module 504 can generate the unified-protocol privacymechanism 258 to send ‘r R(x_(B), θ)+s’ to the server when the receiveraccount 212 and the source account 210 both reference the vector testingmechanism 250. The unification module 504 can generate theunified-protocol privacy mechanism 258 to send the encrypted instance ofthe relevant location 218 for the vector, represented by ‘(x_(y)⊕k₁,k₂)’ or ‘v₂=(x_(n)⊕k₁, k₂)’, based on the specific location coordinatesindicating the receiver account 212 is ‘nearby’ the source account 210when the receiver account 212 references the private sharing mechanism248 and the source account 210 references the vector testing mechanism250.

The unification module 504 can generate the unified-protocol privacymechanism 258 to otherwise send the vector of ‘(x_(B)⊕k₁, k₂)’. Thesource account 210 can send ‘invisible’ or ‘x_(i)’ for ‘x_(B)’ for the‘invisible’ status.

For the retrieval process, the receiver account 212 can acquire thecontent information 216 such as the relevant location 218 from thesource account 210. The receiver account 212 can retrieve the countervalue 602, ‘b_(B) _(→) _(A)’, ‘b_(A) _(→) _(B)’, or a combinationthereof. The receiver account 212 can abort when ‘b_(B) _(→) _(A)’indicates the vector testing mechanism 250 and ‘b_(A) _(→) _(B)’ is outof date or has expired.

Otherwise, the unification module 504 can generate the unified-protocolprivacy mechanism 258 to proceed as in the vector testing mechanism 250when both the receiver account 212 and the source account 210 indicatethe vector testing mechanism 250. The unification module 504 cangenerate the unified-protocol privacy mechanism 258 to have the receiveraccount 212 send the vector ‘v₁=R(u, θ)’ to the server in such case.

The unification module 504 can generate the unified-protocol privacymechanism 258 to send a random value for the vector, such as ‘(b₁, b₂)’when at least one of the receiver account 212 or the source account 210do not indicate the vector testing mechanism 250. The random valuevector can correspond to a location through the vectorization processinstead of a completely random vector.

After communicating the initial data 908, the unification module 504 cangenerate the unified-protocol privacy mechanism 258 to then have theserver calculate a vector product 910, represented as ‘m=<v₁, v₂>’. Thevector product 910 is a processing result combining or encrypting one ormore instances of the vector 906. The unification module 504 cangenerate the unified-protocol privacy mechanism 258 to have the firstdevice 102, the third device 108, or a combination thereof to expect,receive, cooperate, or a combination thereof for a calculation of thevector product 910 by the second device 106.

The unification module 504 can generate the unified-protocol privacymechanism 258 to have the second device 106 calculate the vector product910. The unification module 504 can generate the unified-protocolprivacy mechanism 258 to have the server send the vector product 910 tothe receiver account 212 or the device associated therewith.

The unification module 504 can generate the unified-protocol privacymechanism 258 to then have the receiver account 212 or the deviceassociate therewith decrypt the vector product 910 to determine thevector 906 and receive the content information 216 transmitted by thesource account 210. The receiver account 212 can calculate ‘<R(u, θ),s)>’ when both the receiver account 212 and the source account 210 bothindicate the vector testing mechanism 250. The receiver account 212 candetermine that the source account 210 is nearby when ‘<R(u, θ), s)>’ isequal to ‘m’.

Otherwise, the unification module 504 can generate the unified-protocolprivacy mechanism 258 to have the receiver account 212 receive‘m=b₁(x_(B)⊕k₁)+b₂k₂’. The receiver account 212 can calculate ‘x_(B)’.

For the unified-protocol privacy mechanism 258, the server can calculatethe vector product 910 regardless of the conditions. Moreover, theunification module 504 can generate the unified-protocol privacymechanism 258 to keep the server from inferring data from the vectorrepresenting the content information 216.

The unification module 504 can generate the unified-protocol privacymechanism 258 to further combine the private-set intersection protocol802 of FIG. 8. The structure of the private-set intersection protocol802 and the initial data 908 describe above can be the same, whichresults in no requirement for matching the protocol scenario 254. Theunification module 504 can generate the unified-protocol privacymechanism 258 to match the payload for unifying the private-setintersection protocol 802.

Matching the payload can be performed in a variety of ways. Theunification module 504 can generate the unified-protocol privacymechanism 258 to optimize the method, such as in terms of payload sizeas described above. The unification module 504 can further generate theunified-protocol privacy mechanism 258 by adding a further protocolfield for representing the unified-protocol privacy mechanism 258 and anadditional protocol field for sharing the polynomials, such as A(t) orB(t) described above. The unified sequence 260 can be same as theprotocol sequence 252 of the unified-protocol privacy mechanism 258, butincluding the further protocol field and the additional protocol fieldfor corresponding to the protocol scenario 254 for the private-setintersection protocol 802.

It has been discovered that the unified sequence 260 and the unifiedformat 262 utilizing the first direction field 902, the second directionfield 904, and the vector 906 provides increased protection for thecontent information 216 from access by the unintended observer 214 ofFIG. 2. The first direction field 902, the second direction field 904,and the vector 906 can enable recognition and processing for the unifiedsequence 260 and the unified format 262 across multiple mismatchinginstances of the exchange protocol 236 for all available instances ofthe protocol scenario 254. The first direction field 902, the seconddirection field 904, and the vector 906 can be used to identify thecontent information 216 being shared using the unified-protocol privacymechanism 258.

Referring now to FIG. 10, therein is shown a further detailed example ofthe unified-protocol privacy mechanism 258 of FIG. 2. The unificationmodule 504 of FIG. 5 can generate the unified-protocol privacy mechanism258 by combining instances of the exchange protocol 236 of FIG. 2 asdescribed above.

For example, the unification module 504 can combine the private-setintersection protocol 802 of FIG. 8 to a combination of the vectortesting mechanism 250 of and the private sharing mechanism 248 asdescribed in FIG. 9. The unification module 504 can combine multipleprotocols, such as for two or more protocols, inductively.

The unification module 504 can analyze and observe that a structure ofthe private-set intersection protocol 802 and the unified-protocolprivacy mechanism 258 for unifying previous instances of the protocolscan be the same. The unification module 504 can determine that theprocess for matching the traffic is unnecessary. The unification module504 can match the payloads for providing protection against even anadvanced adversary in determining which protocol is in use withoutauthorization while communicating parties may be able to distinguish theprotocols.

Matching the payloads can be done in many ways. For example, theunification module 504 add a protocol bit for the private-setintersection protocol 802 use and another component for sharing thepolynomials such as ‘A(t)’ and ‘B(t)’ shown in FIG. 8.

The steps in the unified-protocol privacy mechanism 258 can be separatedand handled disjoint. For example, assume that user B may have done aretrieval of A's preference at some point in the past, if A's preferenceis the private sharing mechanism 248 or the vector testing mechanism250, the user B can assign random values to the “PSI Protocol bit” and“PSI polynomial” fields of the payload and performs the first iteratedunified protocol on the remaining fields. If the protocol is the privatesharing mechanism 248 then user B can use “PSI Protocol bit” and “PSIpolynomial” fields to run the steps of the private sharing mechanism248, other fields can be chosen randomly for matching the data sizes.During retrieval phase, user A can act accordingly and perform bothprotocols operations if it takes part in the underlying protocols.

The modules described herein can be hardware implementation or hardwareaccelerators, including passive circuitry, active circuitry, or both, infirst communication unit 316 of FIG. 3, the second communication unit336 of FIG. 3, the third communication unit 416 of FIG. 4, the firstcontrol unit 312 of FIG. 3, the second control unit 334 of FIG. 3, thethird control unit 412 of FIG. 4, or a combination thereof. The modulescan also be hardware implementation or hardware accelerators, includingpassive circuitry, active circuitry, or both, within the first device102, the second device 106, the third device 108, or a combinationthereof but outside of the first communication unit 316, the secondcommunication unit 336, the third communication unit 416, the firstcontrol unit 312, the second control unit 334, the third control unit412, or a combination thereof.

For illustrative purposes, the various modules have been described asbeing specific to the first device 102, the second device 106, the thirddevice 108, or a combination thereof. However, it is understood that themodules can be distributed differently. For example, the various modulescan be implemented in a different device, or the functionalities of themodules can be distributed across multiple devices. Also as an example,the various modules can be stored in a non-transitory memory medium

As a more specific example, one or more modules described above can bestored in the non-transitory memory medium for distribution to adifferent system, a different device, a different user, or a combinationthereof. Also as a more specific example, the modules described abovecan be implemented or stored using a single hardware unit, such as achip or a processor, or across multiple hardware units.

The modules described in this application can be stored in thenon-transitory computer readable medium. The first storage unit 314 ofFIG. 3, the second storage unit 346 of FIG. 3, the third storage medium414 of FIG. 4, or a combination thereof can represent the non-transitorycomputer readable medium. The first storage unit 314, the second storageunit 346, the third storage medium 414 or a combination thereof, or aportion therein can be removable from the first device 102, the seconddevice 106, the third device 108, or a combination thereof. Examples ofthe non-transitory computer readable medium can be a non-volatile memorycard or stick, an external hard disk drive, a tape cassette, or anoptical disk.

The physical transformation from the unified-protocol privacy mechanism258 results in the movement in the physical world, such as a makeup ofthe information exchanged between devices and a timing or a sequencethereof. The exchanged information can influence the user's movement,such as interacting with other users or availing contact or informationto other users. Movement in the physical world results in changes to theaccount connection 208, the privacy rating 222, the protocol profile240, or a combination thereof, which can be fed back into the computingsystem 100 to further process the unified-protocol privacy mechanism258.

The resulting method, process, apparatus, device, product, and/or systemis straightforward, cost-effective, uncomplicated, highly versatile,accurate, sensitive, and effective, and can be implemented by adaptingknown components for ready, efficient, and economical manufacturing,application, and utilization. Another important aspect of an embodimentof the present invention is that it valuably supports and services thehistorical trend of reducing costs, simplifying systems, and increasingperformance.

These and other valuable aspects of an embodiment of the presentinvention consequently further the state of the technology to at leastthe next level.

While the invention has been described in conjunction with a specificbest mode, it is to be understood that many alternatives, modifications,and variations will be apparent to those skilled in the art in light ofthe aforegoing description. Accordingly, it is intended to embrace allsuch alternatives, modifications, and variations that fall within thescope of the included claims. All matters set forth herein or shown inthe accompanying drawings are to be interpreted in an illustrative andnon-limiting sense.

What is claimed is:
 1. A computing system comprising: a control unitincluding at least one processor configured to: determine a protocolprofile including a first protocol and a second protocol forcommunicating between a first device and a second device with eachprotocol including a unique order of communication exchanges between thefirst device and the second device according to a protocol scenariocorresponding to each protocol, generate a unified-protocol privacymechanism based on combining the first protocol and the second protocolfor implementing a common order of communication exchanges for bothinstances of the protocol scenario instead of the first protocol and thesecond protocol; and a communication unit including microelectronics,coupled to the control unit, configured to communicate contentinformation according to the unified-protocol privacy mechanism betweenthe first device and the second device for both instances of theprotocol scenario for preventing recognition of the content based onrecognition of the unique order.
 2. The system as claimed in claim 1wherein: the control unit is configured to generate acache-communication profile controlling a content share time forcommunicating the content information; the communication unit isconfigured to communicate the content information according to thecache-communication profile; and further comprising: a storage unitincluding memory, coupled to the control unit, configured to store thecontent information according to the cache-communication profile.
 3. Thesystem as claimed in claim 1 wherein the control unit is configured togenerate the unified-protocol privacy mechanism utilizing a placeholdernode for communicating the content information between the first deviceand the second device.
 4. The system as claimed in claim 1 wherein: theprotocol profile includes a private sharing mechanism for the firstprotocol and a vector testing mechanism for the second protocol; and thecommunication unit is configured to communicate the content informationbased on a relevant location.
 5. The system as claimed in claim 1wherein the control unit is configured to: identify a protocol key forcommunicating between the first device and the second device; andgenerate a counter value encrypted with the protocol key forcommunicating the counter value between the first device and the seconddevice.
 6. The system as claimed in claim 1 wherein the control unit isconfigured to generate the unified-protocol privacy mechanismindependent of a privacy rating associated with a relevant location. 7.The system as claimed in claim 1 wherein the unified-protocol privacymechanism includes a unified format for communicating a counter value, afirst direction field, a second direction field, a vector, or acombination thereof.
 8. The system as claimed in claim 1 the controlunit is configured to generate the unified-protocol privacy mechanismincluding a unified sequence for communicating initial data, forcalculating a vector product, for determining a vector, or a combinationthereof.
 9. The system as claimed in claim 1 wherein the control unit isconfigured to generate the unified-protocol privacy mechanism utilizinga placeholder content independent of the content information.
 10. Amethod of operation of a computing system comprising: determining aprotocol profile including a first protocol and a second protocol forcommunicating between a first device and a second device with eachprotocol including a unique order of communication exchanges between thefirst device and the second device according to a protocol scenariocorresponding to each protocol; generating a unified-protocol privacymechanism with a control unit based on combining the first protocol andthe second protocol for implementing a common order of communicationexchanges for both instances of the protocol scenario instead of thefirst protocol and the second protocol; and communicating contentinformation according to the unified-protocol privacy mechanism betweenthe first device and the second device for both instances of theprotocol scenario for preventing recognition of the content based onrecognition of the unique order.
 11. The method as claimed in claim 10further comprising: generating a cache-communication profile controllinga content share time for communicating the content information; storingthe content information according to the cache-communication profile;and wherein: communicating the content information includescommunicating the content information according to thecache-communication profile.
 12. The method as claimed in claim 10wherein generating the unified-protocol privacy mechanism includesgenerating the unified-protocol privacy mechanism utilizing aplaceholder content independent of the content information.
 13. Themethod as claimed in claim 10 wherein generating the unified-protocolprivacy mechanism includes generating the unified-protocol privacymechanism utilizing a placeholder node for communicating the contentinformation between the first device and the second device.
 14. Anon-transitory computer readable medium including instructions for acomputing system comprising: determining a protocol profile including afirst protocol and a second protocol for communicating between a firstdevice and a second device with each protocol including a unique orderof communication exchanges between the first device and the seconddevice according to a protocol scenario corresponding to each protocol;generating a unified-protocol privacy mechanism based on combining thefirst protocol and the second protocol for implementing a common orderof communication exchanges for both instances of the protocol scenarioinstead of the first protocol and the second protocol; and communicatingcontent information according to the unified-protocol privacy mechanismbetween the first device and the second device for both instances of theprotocol scenario for preventing recognition of the content based onrecognition of the unique order.
 15. The non-transitory computerreadable medium as claimed in claim 14 further comprising: generating acache-communication profile controlling a content share time forcommunicating the content information; storing the content informationaccording to the cache-communication profile; and wherein: communicatingthe content information includes communicating the content informationaccording to the cache-communication profile.
 16. The non-transitorycomputer readable medium as claimed in claim 14 wherein generating theunified-protocol privacy mechanism includes generating theunified-protocol privacy mechanism utilizing a placeholder contentindependent of the content information.
 17. The non-transitory computerreadable medium as claimed in claim 14 wherein generating theunified-protocol privacy mechanism includes generating theunified-protocol privacy mechanism utilizing a placeholder node forcommunicating the content information between the first device and thesecond device.